Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/026548-5012-4ad0-a5bb-82c0560595cd/1/geLpEUJ1Bbn0kqAXBOIlBjFpg5A.roa
File:                     geLpEUJ1Bbn0kqAXBOIlBjFpg5A.roa (raw, json)
Hash identifier:          7D2NHhlFByvgdTP6P13a+6I0kLz+umFTp7aRzLYa1y0=
Subject key identifier:   81:E2:E9:11:42:75:05:B9:F4:92:A0:17:04:E2:25:06:31:69:83:90
Certificate issuer:       /CN=335e725cacf83c97f457a56762cf846d643117cd
Certificate serial:       018CC79415D180B9A311743F5E5EB2AE031F
Authority key identifier: 33:5E:72:5C:AC:F8:3C:97:F4:57:A5:67:62:CF:84:6D:64:31:17:CD
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/M15yXKz4PJf0V6VnYs-EbWQxF80.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/92/026548-5012-4ad0-a5bb-82c0560595cd/1/geLpEUJ1Bbn0kqAXBOIlBjFpg5A.roa
Signing time:             Tue 02 Jan 2024 00:30:20 +0000
ROA not before:           Tue 02 Jan 2024 00:30:20 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     19905
IP address blocks:        82.98.128.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/92/026548-5012-4ad0-a5bb-82c0560595cd/1/M15yXKz4PJf0V6VnYs-EbWQxF80.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/92/026548-5012-4ad0-a5bb-82c0560595cd/1/M15yXKz4PJf0V6VnYs-EbWQxF80.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/M15yXKz4PJf0V6VnYs-EbWQxF80.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 03 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c7:94:15:d1:80:b9:a3:11:74:3f:5e:5e:b2:ae:03:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=335e725cacf83c97f457a56762cf846d643117cd
        Validity
            Not Before: Jan  2 00:30:20 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=81e2e911427505b9f492a01704e2250631698390
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:49:86:17:35:8e:6f:17:03:b4:27:f6:20:00:
                    fe:da:20:48:38:ad:b1:74:cf:b8:a1:92:90:6c:da:
                    d7:ec:19:1e:81:82:ab:17:ad:6f:be:88:73:78:5d:
                    79:41:11:98:a6:21:b1:fd:2d:ec:d0:88:38:a9:61:
                    1a:ed:1d:cc:8f:d5:74:e0:53:68:5d:75:14:bb:f1:
                    67:17:5c:cf:89:b6:b1:ab:91:66:d5:89:d8:60:7a:
                    90:f4:86:e1:11:0b:67:ca:83:be:22:37:10:9f:ea:
                    da:e4:e3:3c:a5:dc:ee:6a:17:57:68:ea:8e:c5:46:
                    67:de:86:29:4a:dd:cd:7d:f9:3d:92:a6:fd:b1:c0:
                    63:02:5d:2e:bb:1b:73:3d:a2:7c:18:33:4f:d4:80:
                    01:82:8e:0b:32:d8:6f:7e:e3:af:bd:a7:bd:14:95:
                    c0:13:55:37:0e:76:86:b8:27:ee:e6:cd:f2:28:e1:
                    a5:cc:6c:67:4a:89:99:a6:19:b6:ee:b0:00:5f:5b:
                    62:a3:ab:f8:be:ad:30:d7:b7:3f:6b:3e:f9:8a:84:
                    1e:39:ff:c4:1b:de:3f:d9:b6:67:d3:2e:c4:e1:fc:
                    49:9a:4d:9f:36:f2:cb:34:39:c7:d0:94:64:cc:14:
                    fb:92:44:ba:84:70:a6:9a:25:68:39:14:a1:5d:b0:
                    c0:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:E2:E9:11:42:75:05:B9:F4:92:A0:17:04:E2:25:06:31:69:83:90
            X509v3 Authority Key Identifier:
                keyid:33:5E:72:5C:AC:F8:3C:97:F4:57:A5:67:62:CF:84:6D:64:31:17:CD

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M15yXKz4PJf0V6VnYs-EbWQxF80.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/026548-5012-4ad0-a5bb-82c0560595cd/1/geLpEUJ1Bbn0kqAXBOIlBjFpg5A.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/92/026548-5012-4ad0-a5bb-82c0560595cd/1/M15yXKz4PJf0V6VnYs-EbWQxF80.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.98.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         9f:d0:38:a7:90:cc:8f:71:c4:d8:49:44:04:c0:3f:b0:d4:66:
         06:ad:87:b0:3c:98:81:66:c2:fb:b7:28:8b:8e:0e:31:1b:b7:
         6a:f8:ec:5d:fb:52:29:67:ea:fb:50:5d:d4:f5:3a:c7:d3:fe:
         78:cb:73:9b:87:7c:6d:57:1e:ca:45:fe:5b:b0:6c:a5:da:de:
         1d:93:d3:5f:47:71:87:ba:c2:9a:8f:51:d2:3c:10:41:0b:dc:
         d5:71:b1:a1:66:63:1a:3d:b5:de:c4:3f:b2:48:52:d0:2e:27:
         9b:e8:41:9c:52:48:42:ab:be:38:f5:44:a4:c1:64:5e:0f:97:
         f6:5b:69:c0:f0:63:e7:d1:09:0f:12:31:46:e6:fe:48:bd:14:
         fe:13:27:3f:89:a8:0e:0e:47:f7:29:1c:88:20:7f:9e:e5:06:
         7d:ce:5c:fc:f7:62:08:b4:5f:3b:78:f5:92:a1:0b:04:c0:17:
         06:b2:3e:ee:08:d1:63:2c:91:01:c1:a4:86:09:52:32:3c:5a:
         5c:41:81:58:20:ad:a4:83:01:f4:0e:cd:ec:72:e8:24:2f:78:
         df:b4:40:8a:ee:df:d6:c5:23:00:39:e6:26:a4:fa:16:d7:4b:
         7f:62:8b:3a:98:4c:dc:43:8d:63:38:74:60:67:78:63:1f:88:
         32:ee:23:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlBXRgLmjEXQ/Xl6yrgMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNWU3MjVjYWNmODNjOTdmNDU3YTU2NzYyY2Y4NDZkNjQz
MTE3Y2QwHhcNMjQwMTAyMDAzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWUyZTkxMTQyNzUwNWI5ZjQ5MmEwMTcwNGUyMjUwNjMxNjk4MzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkmGFzWObxcDtCf2IAD+2iBIOK2x
dM+4oZKQbNrX7BkegYKrF61vvohzeF15QRGYpiGx/S3s0Ig4qWEa7R3Mj9V04FNo
XXUUu/FnF1zPibaxq5Fm1YnYYHqQ9IbhEQtnyoO+IjcQn+ra5OM8pdzuahdXaOqO
xUZn3oYpSt3Nffk9kqb9scBjAl0uuxtzPaJ8GDNP1IABgo4LMthvfuOvvae9FJXA
E1U3DnaGuCfu5s3yKOGlzGxnSomZphm27rAAX1tio6v4vq0w17c/az75ioQeOf/E
G94/2bZn0y7E4fxJmk2fNvLLNDnH0JRkzBT7kkS6hHCmmiVoORShXbDADQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIHi6RFCdQW59JKgFwTiJQYxaYOQMB8GA1UdIwQY
MBaAFDNeclys+DyX9FelZ2LPhG1kMRfNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTE1eVhLejRQSmYwVjZWbllzLUViV1F4RjgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8wMjY1NDgtNTAxMi00YWQwLWE1YmIt
ODJjMDU2MDU5NWNkLzEvZ2VMcEVVSjFCYm4wa3FBWEJPSWxCakZwZzVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8wMjY1NDgtNTAxMi00YWQwLWE1YmItODJjMDU2MDU5NWNk
LzEvTTE1eVhLejRQSmYwVjZWbllzLUViV1F4RjgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGUmKAMA0G
CSqGSIb3DQEBCwUAA4IBAQCf0DinkMyPccTYSUQEwD+w1GYGrYewPJiBZsL7tyiL
jg4xG7dq+Oxd+1IpZ+r7UF3U9TrH0/54y3Obh3xtVx7KRf5bsGyl2t4dk9NfR3GH
usKaj1HSPBBBC9zVcbGhZmMaPbXexD+ySFLQLieb6EGcUkhCq7449USkwWReD5f2
W2nA8GPn0QkPEjFG5v5IvRT+Eyc/iagODkf3KRyIIH+e5QZ9zlz892IItF87ePWS
oQsEwBcGsj7uCNFjLJEBwaSGCVIyPFpcQYFYIK2kgwH0Ds3scugkL3jftECK7t/W
xSMAOeYmpPoW10t/Yos6mEzcQ41jOHRgZ3hjH4gy7iOT
-----END CERTIFICATE-----
Generated at Thu May 2 15:30:51 2024 by rpki-client on console-ams.rpki-client.org